<?php
	require_once '../defines.php';
	require_once '../User/user.php';
	require_once '../includes/header.php';
	require_once '../DB/connect.php';
	
	$user = $_REQUEST["username"];
	$pass = $_REQUEST["password"];
	$user = mysql_real_escape_string($user);
	
	$username = mysql_query("SELECT * FROM users WHERE username='$user'");
	
	if($username != null){
		$row = mysql_fetch_array($username);
		
		if($row['password'] == md5($pass)){
			$userObj = new User($row['id'], $row['username'], $row['firstname'], $row['lastname']);
			echo "<p>Login Successful! Redirecting...</p>";
			session_regenerate_id();
			$_SESSION['valid'] = 1;
			$_SESSION['user'] = $row['username'];
			header("Location: http://".HOST."/DevManagement/main.php");
		}
		else{
			echo "<p>Login Failed with bad password! Redirecting...</p>";
			header("Location: http://".HOST."/DevManagement/Login/login.php");
		}
	}
	else
	{
  		echo"<p>Login Failed with bad username! Redirecting...</p>";
  		header("Location: http://".HOST."/DevManagement/Login/login.php");
	}
	require_once '../DB/disconnect.php';
	require_once '../includes/footer.php';
?>